Attacks follow a certain sequence—incursion, discovery, capture and exfiltration. Stuxnet has been the most advanced attack so far. Its immediate successor was Duqu. Governments have been attacked frequently of late.
He stated, “What is more dangerous is what is not disclosed in the media.”
To combat threats, governments are collaborating through national and multi-lateral initiatives. However, there is no cyber equivalent of Interpol; no agency to collate information on cyberspace.
According to him, the doctrine of national security had to change. There is a need to be aware and to have the right intelligence. One should try and have foreknowledge of these attacks. Organizations should understand their assets and prioritize what is important in their networks.
An organizations should always start from the point wherein it realizes that it might be attacked. “Security is not enough, resilience is required. One needs to ensure operational continuity and the ability to recover.”
Symantec works with the government in jointly funded security research. It helps in the joint deployment of security intelligence technologies.